CVE-2013-3925 is a vulnerability in Atlassian Crowd
Published on July 1, 2013

Atlassian Crowd 2.5.x before 2.5.4, 2.6.x before 2.6.3, 2.3.8, and 2.4.9 allows remote attackers to read arbitrary files and send HTTP requests to intranet servers via a request to (1) /services/2 or (2) services/latest with a DTD containing an XML external entity declaration in conjunction with an entity reference.

NVD

Products Associated with CVE-2013-3925

Want to know whenever a new CVE is published for Atlassian Crowd? stack.watch will email you.

Atlassian Crowd

Exploit Probability

EPSS

0.35%

Percentile

56.69%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2013-3925 is a vulnerability in Atlassian CrowdPublished on July 1, 2013

Products Associated with CVE-2013-3925

Exploit Probability

CVE-2013-3925 is a vulnerability in Atlassian Crowd
Published on July 1, 2013